Purple News
- Red Teaming: A Story From the Trenches
- How to Install and Perform Wi-Fi Attacks with Wifiphisher
- The Human Element in Cybersecurity: Understanding Trust and Social Engineering
- In Through the Front Door – Protecting Your Perimeter
- Can’t Stop, Won’t Stop Hijacking (CSWSH) WebSockets
- Wishing: Webhook Phishing in Teams
- OSINT for Incident Response (Part 2)
- Initial Access Operations Part 2: Offensive DevOps
- Talkin’ About Infosec News – 2/28/2024
- Initial Access Operations Part 1: The Windows Endpoint Defense Technology Landscape
- Throwback Thursday | I Got an Alert, Now What?
- Throwback Thursday | Why Developers Hate Infosec
- Throwback Thursday | Exploiting Persistent XSS
- Throwback Thursday | Hackers in the Boardroom
- Throwback Thursday | Tool Demo – Riverside
- Throwback Thursday | The Fools Gold Rush to Compliance
- Throwback Thursday | Is the PKI Sky Falling?
- Throwback Thursday | What’s Old is Gold
- Throwback Thursday | Wireless Attack Killchain for N00bs
- Throwback Thursday | Six Things No One !@#$%^& Told Me About Pentesting
- Best EDR Of The Market (BEOTM) – Endpoint Detection and Response Testing Tool
- AgentSmith HIDS – Host Based Intrusion Detection
- padre – Padding Oracle Attack Exploiter Tool
- Privacy Implications of Web 3.0 and Darknets
- DataSurgeon – Extract Sensitive Information (PII) From Logs
- Pwnagotchi – Maximize Crackable WPA Key Material For Bettercap
- HardCIDR – Network CIDR and Range Discovery Tool
- Socialscan – Command-Line Tool To Check For Email And Social Media Username Usage
- CFRipper – CloudFormation Security Scanning & Audit Tool
- CredNinja – Test Credential Validity of Dumped Credentials or Hashes
- VectorKernel - PoCs For Kernelmode Rootkit Techniques Research
- Cookie-Monster - BOF To Steal Browser Cookies & Credentials
- NoArgs - Tool Designed To Dynamically Spoof And Conceal Process Arguments While Staying Undetected
- Frameless-Bitb - A New Approach To Browser In The Browser (BITB) Without The Use Of Iframes, Allowing The Bypass Of Traditional Framebusters Implemented By Login Pages Like Microsoft And The Use With Evilginx
- Toolkit - The Essential Toolkit For Reversing, Malware Analysis, And Cracking
- Porch-Pirate - The Most Comprehensive Postman Recon / OSINT Client And Framework That Facilitates The Automated Discovery And Exploitation Of API Endpoints And Secrets Committed To Workspaces, Collections, Requests, Users And Teams
- APKDeepLens - Android Security Insights In Full Spectrum
- RemoteTLSCallbackInjection - Utilizing TLS Callbacks To Execute A Payload Without Spawning Any Threads In A Remote Process
- Sicat - The Useful Exploit Finder
- CloudGrappler - A purpose-built tool designed for effortless querying of high-fidelity and single-event detections related to well-known threat actors in popular cloud environments such as AWS and Azure
- GDBFuzz - Fuzzing Embedded Systems Using Hardware Breakpoints
- ADOKit - Azure DevOps Services Attack Toolkit
- Attackgen - Cybersecurity Incident Response Testing Tool That Leverages The Power Of Large Language Models And The Comprehensive MITRE ATT&CK Framework
- Chiasmodon - An OSINT Tool Designed To Assist In The Process Of Gathering Information About A Target Domain
- ST Smart Things Sentinel - Advanced Security Tool To Detect Threats Within The Intricate Protocols utilized By IoT Devices
- VolWeb - A Centralized And Enhanced Memory Analysis Platform
- Drozer - The Leading Security Assessment Framework For Android
- DroidLysis - Property Extractor For Android Apps
- R2Frida - Radare2 And Frida Better Together
- Cloud_Enum - Multi-cloud OSINT Tool. Enumerate Public Resources In AWS, Azure, And Google Cloud
- Rrgen - A Header Only C++ Library For Storing Safe, Randomly Generated Data Into Modern Containers
- Noia - Simple Mobile Applications Sandbox File Browser Tool
- AutoWLAN - Run A Portable Access Point On A Raspberry Pi Making Use Of Docker Containers
- Radamsa - A General-Purpose Fuzzer
- Pentest-Muse-Cli - AI Assistant Tailored For Cybersecurity Professionals
- Google Dork: #red-team #red-teaming
- #red-teaming
- #red-team
- #redteaming
- #redteam
- #pentest
- #pentesting
- #bug-bounty
- #bugbounty